Lucene search
K

7 matches found

Prion
Prion
added 2008/08/22 4:41 p.m.19 views

Sql injection

Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in an editregistry action to index.php, 2 a vector involving the checkemail function, and other vectors...

7.5CVSS9.2AI score0.01573EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2008/08/22 4:0 p.m.40 views

CVE-2008-3768

The vulnerability is in Turnkey Web Tools SunShop Shopping Cart before 4.1.5, affecting the file component class.ajax.php . The CVE-2008-3768 entry describes multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. Exploitation paths include (1) the id...

7.5CVSS8.4AI score0.01573EPSS
Exploits1References8Affected Software1
Prion
Prion
added 2008/05/19 1:20 p.m.19 views

Sql injection

SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549...

7.5CVSS8.6AI score0.01195EPSS
Exploits2References5Affected Software1
Prion
Prion
added 2007/05/02 11:19 p.m.12 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 include/payment/payflowpro.php, 2 global.php, or 3 libsecure.php, different vectors than CVE-2007-2070...

7.5CVSS7.8AI score0.09423EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2007/04/18 3:19 a.m.15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php or 2 checkout.php...

7.5CVSS7.8AI score0.09423EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/04/18 2:20 a.m.26 views

CVE-2007-2070

Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php or 2 checkout.php...

7.5AI score0.09423EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/04/21 10:0 a.m.21 views

CVE-2005-4787

Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to 1 index.php, 2 admin/index.php, and 3 admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, saying that "Having this in the co...

6.3AI score0.01512EPSS
Exploits1References3
Rows per page
Query Builder